<?php
/*
Simple:Press Forum
Image Uploader Script
$LastChangedDate: 2010-01-13 09:31:29 -0700 (Wed, 13 Jan 2010) $
$Rev: 3241 $
*/

if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF']))
{
	die('Access Denied');
}

$uploaddir = sf_esc_str($_POST['saveloc']);

# Clean up file name just in case
$uploadfile = $uploaddir . sf_filter_filename_save(basename($_FILES['uploadfile']['name']));

# check for existence
if (file_exists($uploadfile))
{
	echo 'exists';
	die();
}

# check file size against limit if provided
if (isset($_POST['size']))
{
	if ($_FILES['uploadfile']['size'] > $_POST['size'])
	{
		echo 'size';
		die();
	}
}

# try uploading the file over
if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $uploadfile)) {
  echo "success";
} else {
  # WARNING! DO NOT USE "FALSE" STRING AS A RESPONSE!
  # Otherwise onSubmit event will not be fired
  echo "error";
}

die();

?>